One thing I would question, however, is the viability of the study. The problem comes from some of the basic assessment. First is the problem of assuming that Microsoft and Red Hat are on par in terms of development team sizes. This is simply a fallacy, no matter in which OS camp you sit.

The second is in looking at the bug lists and what was included and excluded. What would be nice is actually seeing the rank of bugs. Microsoft seems to rank most of its bugs as critical. Red Hat patches everything, from bugs in Linux to bugs in applications running on top of Linux. The Redhat errata page for 7.3 lists fixes to MySQL, Python, Lynx, OpenSSL, etc… In order for a true side by side comparison, one would need to add IIS, Internet Explorer, Microsoft SQL server, etc… to the list of bugs listed in the Microsoft errata. When doing that side by side comparison, it still seems that Microsoft holds the leading position in buggy software.